Privacy Protocol Umbra shuts down the frontend to prevent Kelp attackers, Tornado Cash co-founder says this move is insufficient to avoid regulatory accountability

On April 22, the privacy encryption protocol Umbra shut down its front-end website to make it harder for hackers to move stolen funds. Umbra said that about $800,000 in stolen funds flowed through its protocol. The closure of the front end was a “maintenance mode” decision, which would be resumed after ensuring it does not affect the work of recovering the funds.

This move comes after the Kelp protocol was recently attacked, with losses exceeding $280 million. The attackers are believed to be North Korean hackers, and they reportedly tried to move funds from Ethereum to Bitcoin across chains using protocols such as Umbra. However, Roman Storm, co-founder of Tornado Cash, warned that simply shutting down the front end may not be enough to avoid regulatory accountability. He said that in his case, authorities believed that “changing the front end is equivalent to controlling the entire protocol,” and that “if you can change the user interface—including by updating it with a new version on IPFS—then you fully control the protocol.”

Umbra responded that its protocol is primarily used for “protecting the identity of recipients, not senders.” It said that all stolen funds flowing through its protocol can be traced, and that it has reached out to security researchers.